Release date:
Updated on:
Affected Systems:
IBM WebSphere MQ 7.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56471
IBM WebSphere MQ is used to provide message transmission services in enterprises.
When executing the following entries, IBM WebSphere MQ 7.1 unexpectedly interrupts and generates an FDC file. The implementation vulnerability exists. After successful exploitation, attackers can cause application crashes.
PIDS:-5724H7220
LVLS:-7.1.0.0
Product Long Name:-WebSphere MQ for Windows
Probe Id:-XC130031
Application Name:-MQM
Component:-xehExceptionHandler
SCCS Info:-lib, cs, pc, winnt, amqxerrn. c, 1.44
Line Number:-761
Build Date:-Oct 19 2011.
CMVC level:-p000-L111019
Build Type:-IKAP-(Production)
Process Name:-C: \ Program Files (x86) \ IBM \ WebSphere
MQ \ bin \ amqzlaa0.exe
Major Errorcode:-xecF_E_UNEXPECTED_SYSTEM_RC
Minor Errorcode:-OK
Probe Type:-MSGAMQ6119
Probe Severity:-2
Probe Description:-AMQ6109: An internal WebSphere MQ error has
Occurred.
FDCSequenceNumber:-0
Comment1:-Access Violation at address xxxxxxxx when
Writing
<* Source: vendor
Link: http://secunia.com/advisories/51216/
Http://www-01.ibm.com/support/docview.wss? Uid = swg1IC82908
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
Update to 7.1.0.2:
Swg1IC82908: IC82908: WebSphere MQ V7.1: Queue manager ends unexpectedly. FFST probe XC130031 in kqiTickleEarly. zrcC_E_INVALID_HANDLE may be seen.
Link: http://www-01.ibm.com/support/docview.wss? Uid = swg1IC82908